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Abstract 



The incompressibility method is an elementary yet powerful proof technique. It has 
been used successfully in many areas |8| . To further demonstrate its power and elegance 
Q^) ' we exhibit new simple proofs using the incompressibility method. 

q ; 1 Introduction 

The incompressibility of individual random objects yields a simple but powerful proof tech- 
J> ' nique: the incompressibility method. This method is a general purpose tool that can be 

used to prove lower bounds on computational problems, to obtain combinatorial properties 
of concrete objects, and to analyze the average complexity of an algorithm. Since the early 
Q\ ' 1980's, the incompressibility method has been successfully used to solve many well-known 

questions that had been open for a long time and to supply new simplified proofs for known 
. results. A survey is ||. 

The purpose of this paper is pragmatic, in the same style as [||, 0] . We want to further 
demonstrate how easy the incompressibility method can be used, via a new collection of 
simple examples. The proofs we have chosen to be included in Q and here are not difficult 
ones. They are from diverse topics and most of these topics are well-known. Some of our 
$_i ■ results are new (but this is not important), and some are known before. In all cases, the 

new proofs are much simpler than the old ones (if they exist). 
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2 Kolmogorov Complexity and the Incompressibility Method 



We use the following notation. Let x be a finite binary string. Then l(x) denotes the length 
(number of bits) of x. In particular, 1(e) = where e denotes the empty word. 

We can map {0, 1}* one-to-one onto the natural numbers by associating each string with 
its index in the length-increasing lexicographical ordering 

(e, 0), (0, 1), (1, 2), (00, 3), (01, 4), (10, 5), (11, 6), . . . . (1) 

This way we have a binary representation for the natural numbers that is different from 
the standard binary representation. It is convenient not to distinguish between the first 
and second element of the same pair, and call them "string" or "number" arbitrarily. As 
an example, we have 1(7) = 00. Let x,y, S M, where J\f denotes the natural numbers. Let 
To, Ti, ... be a standard enumeration of all Turing machines. Let (•, •) be a standard one-one 
mapping from N x J\f to AT, for technical reasons chosen such that l((x, y)) = l(y) + 0(l(x)). 

Informally, the Kolmogorov complexity, |l(| , of x is the length of the shortest effective 
description of x. That is, the Kolmogorov complexity C(x) of a finite string x is simply the 
length of the shortest program, say in FORTRAN (or in Turing machine codes) encoded in 
binary, which prints x without any input. A similar definition holds conditionally, in the 
sense that C(x\y) is the length of the shortest binary program which computes x on input 
y. Kolmogorov complexity is absolute in the sense of being independent of the program- 
ming language, up to a fixed additional constant term which depends on the programming 
language but not on x. We now fix one canonical programming language once and for all 
as reference and thereby C(). For the theory and applications, as well as history, see ||]. A 
formal definition is as follows: 

Definition 1 Let U be an appropriate universal Turing machine such that 

U(((i,p),y))=T l ((p,y)) 

for all i and {p, y) . The conditional Kolmogorov complexity of x given y is 

C(x\y) = min {l(p) : U((p,y}) = x}. 
pe{o,ij* 

The unconditional Kolmogorov complexity of x is defined as C(x) := C(x\e). 

It is easy to see that there are strings that can be described by programs much shorter 
than themselves. For instance, the function defined by f(l) = 2 and f(i) = 2-^ t ~ 1 ) for 
i > 1 grows very fast, f(k) is a "stack" of k twos. Yet for each k it is clear that f(k) has 
complexity at most C(k) + 0(1). 

By a simple counting argument one can show that whereas some strings can be enor- 
mously compressed, the majority of strings can hardly be compressed at all. For each n 
there are 2 n binary strings of length n, but only Ya=o 2* = 2" — 1 possible shorter descrip- 
tions. Therefore, there is at least one binary string x of length n such that C(x) > n. We 
call such strings incompressible. It also follows that for any length n and any binary string 
y, there is a binary string x of length n such that C(x\y) > n. 
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Definition 2 For each constant c we say a string x is c-incompressible if C(x) > l(x) — c. 

Strings that are incompressible (say, c-incompressible with small c) are patternless, 
since a pattern could be used to reduce the description length. Intuitively, we think of such 
patternless sequences as being random, and we use "random sequence" synonymously with 
"incompressible sequence." It is possible to give a rigorous formalization of the intuitive 
notion of a random sequence as a sequence that passes all effective tests for randomness, 
see for example |§. 

How many strings of length n are c-incompressible? By the same counting argument we 
find that the number of strings of length n that are c-incompressible is at least 2 n — 2 n ~ c + 1. 
Hence there is at least one O-incompressible string of length n, at least one-half of all 
strings of length n are 1-incompressible, at least three-fourths of all strings of length n are 
2-incompressible, . . . , and at least the (1 — l/2 c )th part of all 2 n strings of length n are 
c-incompressible. This means that for each constant c > 1 the majority of all strings of 
length n (with n > c) is c-incompressible. We generalize this to the following simple but 
extremely useful Incompressibility Lemma. 

Lemma 1 Let c be a positive integer. For each fixed y, every set A of cardinality m has at 
least m{\ — 2~ c ) + 1 elements x with C{x\y) > [logrn-J — c. 

Proof. By simple counting. □ 

As an example, set A = {x : l(x) = n}. Then the cardinality of A is m = 2 n . Since it 
is easy to assert that C(x) <n + c for some fixed c and all x in A, Lemma [l] demonstrates 
that this trivial estimate is quite sharp. The deeper reason is that since there are few short 
programs, there can be only few objects of low complexity. 

Definition 3 A prefix set, or prefix-free code, or prefix code, is a set of strings such that 
no member is a prefix of any other member. A prefix set which is the domain of a partial 
recursive function (set of halting programs for a Turing machine) is a special type of prefix 
code called a self- delimiting code because there is an effective procedure which reading 
left-to-right determines where a code word ends without reading past the last symbol. A 
one-to-one function with a range that is a self-delimiting code will also be called a self- 
delimiting code. 

A simple self-delimiting code we use throughout is obtained by reserving one symbol, 
say 0, as a stop sign and encoding a natural number x as 1^0. We can prefix an object with 
its length and iterate this idea to obtain ever shorter codes: 



Thus, Ei(x) = l'^Ox and has length l(E\(x)) = 2l(x) + 1; E 2 {x) = lg 1 (Z(x))x and has 
length l{E2{x)) = l{x) + 2l(l(x)) + 1. We have for example 




for i = 0, 
for i > 0. 



(2) 



KE 3 {x)) < l(x) + logl{x) + 21oglog^(x) + 1. 



Define the pairing function 




(3) 



3 



with inverses (-)i, (-)2- This can be iterated to ((•, •), •). 

In a typical proof using the incompressibility method, one first chooses an individually 
random object from the class under discussion. This object is effectively incompressible. 
The argument invariably says that if a desired property does not hold, then the object 
can be compressed. This yields the required contradiction. Then, since most objects are 
random, the desired property usually holds on average. 

3 Number of Strings of Maximum Complexity 

A simple counting argument shows that for every n there is at least one string x of length 
n such that C(x\n) > n and a string y of length n such that C((y) > n. In fact, we can do 
much better. With respect to the prefix version K{-) of Kolmogorov complexity reference 
§ gives an elegant proof that the number strings of length n that have maximal prefix 
complexity (also known as self-delimiting complexity or program-size complexity) is 0(2 n ). 

Q 

The purpose of this section is analyse this matter in detail with respect to C(-) com- 
plexity. The situation is different from prefix-complexity because here we have a simple 
constructive upper bound. We also want to determine how large the C(-)-complexity in 
fact can get (and how many such strings there are). That these matters are not mere 
curiosities but can be used to obtain meaningful results are shown in Q. f] 

Theorem 1 There is a constant d > such that for every n there are at least [2 n /d\ 
strings x of length n with C{x\n) > n (respectively, C(x) > n). 

Proof. It is well-known that there is a constant c > such that for every n there is 
a string x of length n such that C(x\n) < n + c. Hence for every n and every x of length 
l(x) < n — c — 1 we have C(x\n) < n. Consequently, there are at most 2 n — 2 n_c programs 
of length < n available as shortest programs for the strings of length n (there are 2 n — 1 
potential programs and 2 n_c — 1 thereoff are already taken). Hence there are at least 2 n_c 
strings x of length n with C(x\n) > n. □ 

Theorem 2 There are constants c,d>0 such that for every large enough n there are at 
least [2 n /d\ strings x of length n — c < l(x) < n with C(x\n) > n (respectively, C{x) > n). 

Proof. For every n there are equally many strings of length < n to be described and 
potential programs of length < n to describe them. Since some programs do not halt for 

1 Prefix complexity makes its brief and only appearance in this paper here; for more details check out 
[g]. We remark that the prefix complexity K(x) is typically larger than C(x) and in fact for every n there 
are x such that K(x) — n + K(n) + 0(1). This is larger than C(x) which is upper bounded by n + O(l). 
With respect to the the related question for C(x) complexity states: "An earlier, unpublished version of 
this result was obtained more than twenty years ago in connection with [C(-)]. . . . the proof shows that a 
number is large because it is random." 

2 The history of interest and reinvention of these curious but useful facts makes it useful to archive them. 
Theorems ji], ^| were independently proved by two of us [HB,PV] in June 1995, and Theorem [j] was also 
independently found by both M. Kummer and L. Fortnow. This was not published but appears as Exercise 
2.2.6 in M. Of course, the cited reference jij giving the result for the prefix-complexity K(-) preceeds all of 
this. 
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every large enough n there exists a string x of length at most n such that n < C(x\n) < 
l(x) + c and a string y of length at most n such that n < C(y) < l(y) + c. 

Let there be m > 1 such strings. Given m and n we can enumerate all 2™ +1 — m— 1 strings 
x of length < n and complexity C{x\n) < n by dovetailing the running of all programs of 
length < n. The lexicographic first string of length < n not in the list, say x, is described 
by a program p giving m in logm bits plus an 0(l)-bit program to do the decoding of x. 
Therefore, logm + O(l) > C{x\n) > n which proves the theorem for the conditional case. 
The unconditional result follows similarly by padding the description of x up to length n + c' 
for a constant c' and adding the description of c' to program p describing x. This way we 
can first retrieve d from p and then retrieve n from the length of p. □ 

Remark 1 This shows that there are lots of strings x that have complexity larger than 
their lengths. How much larger can this get? While the theorems above are invariant with 
respect to the choice of the particular reference universal Turing machine in the definition 
of the Kolmogorov complexity, the excess of maximal complexity over the length depends 
on this choice. 

For example, we can easily choose a reference universal Turing machine that has no 
halting programs of odd length, or such that it has no halting programs of length i mod 100 
for % = 0, . . . , 98. In such a case there are many x's that have complexity at least l(x) + 100. 
In the opposite extreme, given an appropriate universal Turing machine U we can transform 
it into a universal Turing machine U' such that U'(lp) = p and U'(0p) = U(p) for all p. 
Taking U' as reference universal Turing machine we clearly have C{x) < l{x) + 1 for all 
x. Consequently, for every n the shortest programs of strings of length < n have length at 
most n. This means that there are at most 2 n+1 — 2 n = 2 n strings available of length at 
most n to serve as shortest programs for strings of length n. 

By definition of U' the Theorem ^ means that at least Q(2 n ) strings of length n are 
used as shortest programs for strings of length n — 1, while by definition of U' at least 2 n /2 
strings of length n are used as (not necessarily shortest) programs for strings of length n — 1. 
Consequently, at most 2 n /2 strings x of length n have complexity C{x) = n and at least 
f2(2 n ) strings y of length n have complexity C(y) = n + 1. There are no strings z of length 
n that have complexity C(z) > n + 1. 

4 Average Time for Boolean Matrix Multiplication 

We begin with a simple (almost trivial) illustration of average-case analysis using the in- 
compressibility method. Consider the problem of multiplying two n x n boolean matrices 
A = [a,ij) and B = (bij). Efficient algorithms for this problem have always been a very 
popular topic in the theoretical computer science literature due to the wide range of appli- 
cations of boolean matrix multiplication. The best worst-case time complexity obtained so 
far is 0(n 2 376 ) due to Coppersmith and Winograd ||. In 1973, O'Neil and O'Neil devised 
a simple algorithm described below which runs in 0(n 3 ) time in the worst case but achieves 
an average time complexity of 0(n 2 ) |12[ |. 

Algorithm QuickMultiply(^4, B) 
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1. Let C = {cij) denote the result of multiplying A and B. 

2. For i := 1 to n do 

3. Let ji < ■ ■ ■ < j m be the indices such that dij k = 1, 1 < k < m. 

4. For j := 1 to n do 

5. Search the list bj 1 j, . . . , bj m j sequentially for a bit 1. 

6. Set Cij = 1 if a bit 1 is found, or Cjj = otherwise. 



An analysis of the average-case time complexity of QuickMultiply is given in [12] us- 
ing simple probabilitistic arguments. Here we give an analysis using the incompressibility 
method. 



Theorem 3 Suppose that the elements of A and B are drawn uniformly and independently. 
Algorithm QuickMultiply runs in 0(n 2 ) time on the average. 

Proof. Let n be a sufficiently large integer. Observe that the average time of Quick- 
Multiply is trivially bounded between 0(n 2 ) and 0(n 3 ). By the Incompressibility Lemma, 
out of the 2 2n pairs of n x n boolean matrices, at least (n — l)2 2n /n of them are logn- 
incompressible. Hence, it suffices to consider log n-incompressible boolean matrices. 

Take a log n-incompressible binary string x of length 2n 2 , and form two n x n boolean 
matrices A and B straightforwardly so that the first half of x corresponds to the row-major 
listing of the elements of A and the second half of x corresponds to the row-major listing 
of the elements of B. We show that QuickMultiply spends 0(n 2 ) time on A and B. 

Consider an arbitrary i, where 1 < i < n. It suffices to show that the n sequential 
searches done in Steps 4 - 6 of QuickMultiply take a total of 0(n) time. By the statistical 
results on various blocks in incompressible strings given in Section 2.6 of ||, we know that at 
least n/2 — 0(\/n\ogn) of these searches find a 1 in the first step, at least n/4 — 0(\/nlogn) 
searches find a 1 in two steps, at least n/8 — 0(\/n logn) searches find a 1 in three steps, 
and so on. Moreover, we claim that none of these searches take more than 4 logn steps. To 
see this, suppose that for some j, 1 < j < n, bj 1 j = ■ ■ ■ = bj 41ogn! j = 0. Then we can encode 
x by listing the following items in a self-delimiting manner: 

1 . A description of the above discussion. 

2. The value of i. 

3. The value of j. 

4. All bits of x except the bits bj 1 j, . . . , bj 41ogn j. 
This encoding takes at most 

0(1) +2 log n + 2n 2 — 4 log n + 0(log log n) < 2n 2 — log n 
bits for sufficiently large n, which contradicts the assumption that x is log n-incompressible. 
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Hence, the n searches take at most a total of 

log n 

(n/2 fc - 0(Vn log n)) ■ k) + (logn) • 0(y/n\ogn) ■ (4 logn) 

k=l 

log n 

< ( ^2 kn / 2k + 0(log 2 nyjn log n) 

k=l 

= 0(n) + 0(log 2 n\Jn logn) 
= 0(n) 

steps. This completes the proof. □ 

5 Average Complexity of Finding the Majority 

Let X — X \ ' 

be a binary string. The majority bit (or simply, the majority) of x is the 
bit (0 or 1) that appears more than [n/2\ times in x. The majority problem is that, given 
a binary string x, determine the majority of x. When x has no majority, we must report 
so. 

The time complexity for finding the majority has been well studied in the literature 
(see, e.g. [ffl, ||, ||, ||, fb|). It is known that, in the worst case, n — v(n) bit comparisons 
are necessary and sufficient [l3| , where v(n) is the number of occurrences of bit 1 in the 
binary representation of number n. Recently, Alonso, Reingold and Schott Q studied the 
average complexity of finding the majority assuming the uniform probability distribution 
model. Using quite sophisticated arguments based on decision trees, they showed that on 
the average finding the majority requires at most 2n/3 — \/8n/97r + O(logn) comparisons 
and at least 2n/3 — y / 8n/97r + ©(1) comparisons. 

In this section, we consider the average complexity of finding the majority and prove a 
pair of upper and lower bounds tight up to the first major term, using simple incompress- 
ibility arguments. 

We start by proving an upper bound of 2n/3 + 0{\Jn log n). The following standard 
tournament algorithm is needed. 

Algorithm Tournament (2; = x\ ■ ■ ■ x n ) 

1. If n = 1 then return x\ as the majority. 

2. Elseif n = 2 then 

3. If x\ = X2 then return x\ as the majority. 

4. Else return "no majority". 

5. Elseif n = 3 then 

6. If x\ = X2 then return x\ as the majority. 

7. Else return X3 as the majority. 
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8. Let y = e. 

9. For i := 1 to [n/2\ do 

10. If X2i~i = X2i then append the bit X2i to y. 

11. If \n/2\ is even then append the bit x n to y. 

12. Call Tournament (y). 

Theorem 4 On the average, algorithm Tournament requires at most 2n/3 + 0(y/n logn) 
comparisons. 

Proof. Let n be a sufficiently large number. Again, since algorithm Tournament 
makes at n comparisons on any string of length n, by the Incompressibility Lemma, it 
suffices to consider running time of Tournament on log n-incompressible strings. Let x = 
x\ ■ ■ ■ x n be a log n-incompressible binary string. For any integer m < n, let a(m) denote 
the maximum number of comparisons required by algorithm Tournament on any logn- 
incompressible string of length m. 

We know from || that among the [n/2\ bit pairs (x\,X2), ■ ■ ■ , (^2Ln/2j-ii X 2[n/2J ) that 
are compared in step 10 of Tournament, there are at least n/4 — 0{^n logn) pairs consisting 
of complementary bits. Clearly, the new string y obtained at the end of step 11 should satisfy 

C(y)>Z(y)-logn-0(l) 

Hence, we have the following recurrence relation for o~(m): 

a(m) < [m/2j + <r(m/4 + 0(\/m log n)) 

By straightforward expansion, we obtain that 

a(n) < [n/2\ + a{n/A + 0{y/n\ogn)) 

< n/2 + a(n/4 + O(VnTogn)) 

< n/2 + (n/8 + 0( v / nlogn)/2) + <r(n/16 + 0(^n logn)/4 + 0(^J(n log n)/4)) 
= n/2 + (n/8 + 0(y/n\ogn)/2) + a(n/16 + (3/4) • 0(y/nlogn)) 

< ■■■ 

< 2n/3 + 0( v / nlogn) 

□ 

Now we prove a lower bound which differs from the above upper bound only by 0{^Jn log n). 

Theorem 5 Every algorithm requires at least 2n/3 — 0{^Jn log n) comparisons to find the 
majority, on the average. 
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Proof. Consider an arbitrary majority finding algorithm A. Again, let n be a suffi- 
ciently large number and log n-incompressible binary string. Without loss 
of generality, we assume that A never makes redundant comparisons, i.e. if the relationship 
between bits X{ and Xj can be inferred from the previous comparisons, then A will not 
compare X{ with Xj again. It will be useful to think of the comparisons of A as partitioning 
the bits xi, . . . ,x n of x into "clusters" where each cluster contains all the bits whose rela- 
tionships to each other have been established. Let d, . . . , C p be the clusters formed when 
A terminates. For each cluster Cj, let w(Ci), called the weight of Cj, denote the absolute 
value of the difference between the number of O's and the number of l's in Cj. Clearly, in 
order for algorithm A to be correct, there must be a unique cluster Cj such that 

w(Ci) >£>(C,). 

(Otherwise how can the algorithm declare the majority) 

We first claim that for each cluster Q, its weight w(Ci) < 0(y/nlog n). Suppose that C{ 
contains m bits x^ , . . . , Xi m , listed in the order that they were first compared. Clearly, given 
the algorithm A, the bits in the clusters C±, . . . , C p , listed in the order that they were first 
compared, encode the string x. Since the total number of the bits is n and C(x) > n — logn, 
we have C(x{ 1 ■ ■ ■ Xi m ) > m — logn — 0(1). Hence, from the results in |8| we know that the 
numbers of O's and l's in these bits differ by at most 0(y/m logn) < 0(y/n log n). 

Suppose that A makes a total of k comparisons. In order to relate k to the Kolmogorov 
complexity of the string x, we re-encode x by listing the following information in the self- 
delimiting form: 

1. The above discussion and the algorithm A. 

2. For each of the k comparisons made by A, a bit indicating the outcome of the com- 
parison. This gives rise to a string y of length k. 

3. For each cluster Cj, a bit indicating the value of the lowest indexed bit in Cj. 

Since A does not make redundant comparisons, the length of the above description is 
at most n + logn + O(l). Hence, 

k + p = l{y) + p = n ± log n ± 0(1) 

Thus, C(y) > k—2 log n. Again, by the results in |||, we claim that at most k/2+0(^klogn) 
of the k comparisons identify pairs of complementary bits. 

Observe that for any cluster Cj, in order for the weight w(Ci) to equal zero, at least one 
of the comparisons that form Cj must involve complementary bits. Hence, from the above 
discussion, the number of clusters with zero weight is at most k/2 + 0{\Jk log n). Since the 
maximum weight of a cluster is 0(y/n logn), we have 

p — k/2 — O(vHogn) < 0(\/nlogn) 

Since p > n — k — O(l), we obtain 

n-k- Oil) - k/2 - 0{yfk\ogn) < O(^nlogn) 
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That is, 

k > 2n/3 — 0(\Jk\og n) — 0{y/n log n) = 2n/3 — 0{y/n\ogn). 

□ 

6 Communication Complexity 

Consider the following communication complexity problem (for definitions see the book by 
Kushilevitz and Nisan pi]]). Initially, Alice has a string x = x\, . . . , x n and Bob has a string 
y = yi, . . . , y n with x, y G {0, l} n . Alice and Bob use an agreed-upon protocol to compute 
the inner product of x and y modulo 2 

n 

f{x,y) = ^2xi-Vi mod 2 
i=\ 

with Alice ending up with the result. We are interested in the minimal possible number 
of bits used in communication between Alice and Bob in such a protocol. Here we prove 
a lower bound of n — 1, which is almost tight since the trivial protocol where Bob sends 
all his n bits to Alice achieves this bound. In [jllj it is shown that the lower bound is 
in fact n. We also show an n — O(l) lower bound for the average-case complexity and a 
n — 1 + log(l — e) lower bound for randomized algorithms (private coins) that output the 
correct answer with probability at least 1 — e. 

Theorem 6 Assume the discussion above. Every protocol computing the inner product 
function requires at least n — 1 bits of communication. 

Proof. Fix a communication protocol P that computes the inner product. Let A be 
an algorithm that we describe later. Let z be a string of length 2n such that C(z\A, P, n) > 
2n — 1. Let z = x\ . . . x n y\ . . . y n Let Alice's input be x = x\ . . . x n and Bob's input be 
2/i . . .y n . Assume without loss of generality that f(x,y) = (the innerproduct of x and y 
is modulo 2). [] Run the communication protocol P between Alice and Bob ending in a 
state where Alice outputs that f(x,y) is 0. Let C be the sequence of bits sent back and 
forth. Note that P can be viewed as a tree with C a path in this tree |Tl]]. Hence C is 
self-delimiting. Consider the set S defined by 

S := {a : 3b such that P(a, b) = and induces conversation C , a, b £ {0, 1}™}. 

Given n, P and C, we can compute S. Let the cardinality of S be I. The strings in S form 
a matrix M over GF(2) with the ith row of M corresponding to the ith string in S (say in 
lexicographic ordering). Since for every a £ S it holds that f(a,y) = it follows that y is 
an element of the Null space of M (y E Null(M)). Application of the Null space Theorem 
from linear algebra yields: 

rank(M) + dim(Null(M)) = n. (4) 

3 By symmetry there are precisely 2 2 " -1 strings z = xy l(x) = l(y) = n with inner product x,y equal 0. 
There are only 2 2n_1 — 1 programs of length less than 2n — 1. Hence there must be a z as required. 
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Since the cardinality of S is I and we are working over GF(2) it follows that the rank of M 
is at least log(/) and by (||) it follows that dim(Null(M)) < n — log(Z). The following is an 
effective description of z given n and the reconstructive algorithm A explained below: 

1. C; 

2. the index of x £ S using log(Z) bits; and 

3. the index of y € Null(M) with n — log(Z) bits. 

The three items above can be concatenated without delimiters. Namely, C itself is self- 
delimiting, while from C one can generate S and hence compute I. From the latter item 
one can compute the binary length of the index for x £ S, and the remaining suffix of 
the binary description is the index for y S Null(M). From the given description and P,n 
the algorithm A reconstructs x and y and outputs z = xy. Consequently, C(z\A, P,n) < 
1(C) + log / + (n — log/). Since we have assumed C(z\A, P, n) > 2n — 1 it follows that 
1(C) >n-l. □ 

We can improve this lower bound to n as follows: 

Theorem 7 Assume the discussion above. There exists a constant c such that for all m 
there is an n (2m — c < 2n < 2m ) such that every protocol computing the inner product 
function of two n-bit strings requires at least n bits of communication. 

Proof. Using a similar argument as in Theorem |2| there is a constant c such that for 
every m we can choose z of length 2n (2m — c < 2n < 2m) with associated inner product 
and C(z\A, P,n) > 2n. The remainder of the proof is the same as above. □ 

Approximately the same lower bound holds for the average-case communication com- 
plexity of computing the inner product of two n-bit strings: 

Theorem 8 The average communication complexity of computing the inner product of two 
n-bit strings is at least n — 0(1) bits. 

Proof. There are exactly 2 2n_1 strings z of length 2n such that z = xy, l(x) = l(y) = n 
and inner product of x and y modulo 2 equals 1. For such z define z = xy as z but with 
the first bit of x and the first bit of y changed so that the inner product of the resulting 
strings x and y equals 0. C(w\n) = C(w\n) + 0(1) for every w S {z,x,y}. Let 5(n) be a 
function and choose in the proof above C(z\A, P, n) >2n — 5(n). By simple counting there 
are at least 

2 2 ™(l_l/2 5 ( n )) (5) 

such z's. If the above inner product associated with z equals 1 then the inner product 
associated with z equals and C(z\A, P, n) >2n — 5(n) — 0(1) 

Hence we can apply the proof of the previous theorem for all z with randomness defi- 
ciency at most 5(n) as follows: 

• If z has an associated inner product then the proof as above yielding l(C z ) > n — 5(n) 
where C z is the communication sequence associated with the computation with input 
z. 
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• If z has associated inner product 1 then the proof as above to z yielding l(Cz) > 
n-S(n)-0(l). 

There are at least 2 2n (l - l/2 a (™)) strings z of length 2n with C(z\A,P,n) > 2n - 5(n). 
Altogether we obtain that the average communication complexity is 

J2 Pr(z)l(C z ) = 2- 2n J2 l (C z ) 
ze{o,i} 2 ™ ze{o,i} 2n 



> 



n 

-2n 



E E Kc 

5(n)=l zG{0,l} n SzC(z\A,P,n)=2n-S(n) 



n , 

* 2 ~ 2n E ^^("-^-ow) 



5(n)=l 

^ n " 8{n) + Q(l) 

5(n)=l 5(n)=l 

> n-O(l). 

This proves the theorem. □ 

A similar proof establishes a lower bound of about n bits for the communication com- 
plexity of equality of the strings held by both parties. 

Theorem 9 The communication complexity of a randomized protocol using private coins 
computing the inner product of two n-bit strings that outputs the correct answer with prob- 
ability at least 1 — e is at least n — 1 + log(l — e) bits. 

Proof. The proof is similar to that of the determinsitic lower bound. Assume that 
Alice and Bob compute probabilistically, that is, they can each flip a private fair coin (whoes 
output does not depend on the input) and decide their next step depending on the result of 
the coin flip, and the error rate of their computation is e. Because for each pair of inputs, 
there is 1 — e chance to output the correct result, there must exist a coin flipping sequence 
such that using it Bob and Alice output the correct result for 1 — e portion of the inputs. 
Fix such a sequence R. Out of such 2 2n (l — e) strings of length 2n, choose z such that 

C(z\A,P,R,n) >=2n-l + log(l-e). 

Such z exists according to Lemma [l]. Then we procede as before in the edeterministic case 
to show that Alice and Bob must communicate 

n — 1 + log(l — e) 

bits to compute f(x,y), where z = xy, \x\ = \y\ = n. □ 
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